10542428

Security Context Handling in 5g During Handover

PublishedJanuary 21, 2020
Assigneenot available in USPTO data we have
Technical Abstract

Patent Claims
20 claims

Legal claims defining the scope of protection, as filed with the USPTO.

1

1. A security method to support handover of a user equipment from a source Access and Mobility Management Function in a first 5G core network to a target Access and Mobility Management Function in the first or a second 5G network, the method comprising: receiving, from a source base station in an access network of the wireless communication network, a first handover message indicating that a handover of a user equipment is needed; generating, responsive to determining that an operator specific policy has been met, a new non-access stratum key from a current non-access stratum key used in a current NAS security context shared between the user equipment and the source Access and Mobility Management Function; sending, responsive to the handover message, the new non-access stratum key to a target Access and Mobility Management Function; receiving, from the target Access and Mobility Management Function, a transparent container containing a key change indicator flag set to a value indicating that a non-access stratum key has been changed; and sending the transparent container with the key change indicator flag to the user equipment in a second handover message.

2

2. The method of claim 1 further comprising sending, to the user equipment, a key derivation parameter used to derive the new non-access stratum key.

3

3. The method of claim 2 further comprising: receiving the key derivation parameter from target Access and Mobility Management Function in the transparent container; and sending the key derivation parameter to the user equipment in the transparent container.

4

4. The method of claim 1 wherein the first handover message is a handover required message indicating a need for a handover of the user equipment.

5

5. The method of claim 1 wherein the new non-access stratum key is sent to the target Access and Mobility Management Function in a forward relocation request message.

6

6. The method of claim 1 wherein the non-access stratum key is a core network key.

7

7. A core network node in a first 5G core network of a wireless communication network, the core network node providing a source Access and Mobility Management Function, the core network node comprising: an interface circuit for communicating with a target Access and Mobility Management Function in the first 5G core network or a second 5G core network; and a processing circuit configured to: receive, from a source base station in an access network of the wireless communication network, a first handover message indicating that a handover of a user equipment is needed; generate, responsive to determining that an operator specific policy has been met, a new non-access stratum key from a current non-access stratum key used in a current NAS security context shared between the user equipment and the source Access and Mobility Management Function; and send the new non-access stratum key to a target Access and Mobility Management Function; receive, from the Access and Mobility Management Function, a transparent container containing a key change indicator flag set to a value indicating that a non-access stratum key has been changed; and send the transparent container to the user equipment in a second handover message.

8

8. The core network node of claim 7 wherein the processing circuit is further configured to send, to the user equipment, a key derivation parameter used to derive the new non-access stratum key.

9

9. The core network node of claim 8 wherein the processing circuit is further configured to: receive the key derivation parameter from the target Access and Mobility Management Function in the transparent container; and send the key derivation parameter to the user equipment in the transparent container.

10

10. The core network node of claim 7 wherein the first handover message is a handover required message indicating a need for a handover of the user equipment.

11

11. The core network node of claim 7 wherein the new non-access stratum key is sent to the target Access and Mobility Management Function in a forward relocation request message.

12

12. The core network node of claim 7 wherein the non-access stratum key is a core network key.

13

13. A security method implemented by a user equipment in a wireless communication network that is handed over from a source Access and Mobility Management Function in a first 5G network to a target Access and Mobility Management Function in the first 5G core network or a second 5G core network, the method comprising: receiving a handover message from a source base station in the wireless communication network, said handover message including a transparent container containing a key change indicator flag set to a value indicating that a non-access stratum key has been changed; performing a handover from the source base station to a target base station in the wireless communication network; and generating, responsive to the key change indicator flag, a new non-access stratum key from a current non-access stratum key used in a current non-access stratum security context shared with a source Access and Mobility Management Function; and establishing a new non-access stratum security context with the target Access and Mobility Management Function, said new non-access stratum security context including the new non-access stratum key.

14

14. The method of claim 13 further comprising: receiving a key derivation parameter from the source base station, and generating the new non-access stratum key using the key derivation parameter.

15

15. The method of claim 13 wherein the non-access stratum key is a core network key.

16

16. The method of claim 13 further comprising: generating a new access stratum key from a current non-access stratum key; and communicating with a target base station using the new access stratum key.

17

17. A user equipment in a 5G wireless communication network configured to implement a security procedure during a handover from a source Access and Mobility Management Function in a first 5G core network to a target Access and Mobility Management Function in the first 5G core network or a second 5G core network, the user equipment comprising: an interface circuit for communicating with network nodes in the wireless communication network; and a processing circuit configured to: receive a handover message from a source base station in the wireless communication network, said handover message including a transparent container containing a key change indicator flag set to a value indicating that a non-access stratum key has been changed; perform a handover from the source base station to a target base station in a mobility management domain of a target Access and Mobility Management Function; and generate, responsive to the key change indicator flag, a new non-access stratum key from a current non-access stratum key used in a current non-access stratum security context shared with a source Access and Mobility Management Function; and establish a new non-access stratum security context with the target Access and Mobility Management Function, said new non-access stratum security context including the new non-access stratum key.

18

18. The user equipment of claim 17 wherein the processing circuit is further configured to: receiving a key derivation parameter from the source base station, and generating the new non-access stratum key using the key derivation parameter.

19

19. The user equipment of claim 17 wherein the key derivation parameter is received with the key change indicator flag in the transparent container.

20

20. The user equipment of claim 17 wherein the non-access stratum key is a core network key.

Patent Metadata

Filing Date

Unknown

Publication Date

January 21, 2020

Inventors

Noamen Ben Henda
Christine Jost
Karl Norrman
Monica Wifvesson

Want to explore more patents?

Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.

Citation & reuse

Analysis on this page is generated by Patentable — an AI-powered patent intelligence platform. AI-generated summaries, explanations, and analysis may be reused with attribution and a visible link back to the canonical URL below. Patent abstracts and claims are USPTO public domain.

Cite as: Patentable. “Security Context Handling in 5g During Handover” (10542428). https://patentable.app/patents/10542428

© 2026 Patentable. All rights reserved.

Patentable is a research and drafting-assistant tool, not a law firm, and does not provide legal advice. Documents we generate are drafts for review by a licensed patent attorney.